Vulnerabilities > CVE-2005-0975 - Local Integer Overflow vulnerability in Darwin Kernel Mach File Parsing
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the Darwin Kernel as used in Mac OS X 10.3.7, and other versions before 10.3.9, allows local users to cause a denial of service (CPU consumption) via a crafted mach-o header.
Vulnerable Configurations
Nessus
NASL family | MacOS X Local Security Checks |
NASL id | MACOSX_10_3_9.NASL |
description | The remote host is running a version of Mac OS X 10.3.x that is prior to 10.3.9. Mac OS X 10.3.9 contains several security fixes for : - Safari : a remote local zone script execution vulnerability has been fixed - kernel : multiple local privilege escalation vulnerabilities have been fixed |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18062 |
published | 2005-04-16 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18062 |
title | Mac OS X 10.3.x < 10.3.9 Multiple Vulnerabilities |
code |
|
References
- http://felinemenace.org/advisories/macosx.txt
- http://lists.apple.com/archives/security-announce/2005/Apr/msg00000.html
- http://marc.info/?l=bugtraq&m=110616533903671&w=2
- http://secunia.com/advisories/13902
- http://securitytracker.com/id?1012941
- http://securitytracker.com/id?1013735
- http://www.ciac.org/ciac/bulletins/p-185.shtml
- http://www.securityfocus.com/bid/12314
- http://www.vupen.com/english/advisories/2005/0041
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18979